Containers

Learn about containers, the difference between virtual machines and containers, and new features in the Linux kernel.

What are containers?

The relationship between virtual machines and containers can be confusing. Containers are functionally and conceptually similar to VMs in some ways, but they aren’t virtual machines. They don’t use or need a hypervisor. Containers are processes that use new features, first built into the Linux OS, to start themselves in isolated process spaces. Linux-based container file systems are based on common Linux distributions such as Ubuntu or CentOS. Windows containers are based on versions of Windows Server.

The table below highlights the differences between virtual machines and containers.

Comparison Between VMs and Containers

| Virtual Machines | Containers |
|---|---|
| Use a hypervisor | Don't use a hypervisor |
| Can be run concurrently (many VMs on a single host/hypervisor) | Can be run concurrently (many containers on a single OS) |
| Run a full OS | Run an isolated process in a scaled-down version of a Linux or Windows OS |
| Each has a separate running kernel | Share kernel resources with the host |
| Require dedicated CPU and memory | Share CPU and memory with the host |
| Take minutes to start; must run through a full boot cycle | Take seconds to start; start as fast as a typical process |
| Require 20GB–250GB of storage | Require as little as 100MB of storage |

New features in the Linux kernel

Between 2007 and 2008, several new features were added to the Linux kernel that collectively introduced the concept of containers. The kernel of an OS is its central process. This process executes the fundamental services of an OS, such as process and thread management, memory management, and access to peripherals. A container is a process that runs in an isolated process space and file system within an OS.

The new container features of the Linux kernel held great promise, but they were very low-level, meaning that they required a deep understanding of their workings and of Linux programming to use them. This meant that only experienced Linux software engineers were able to write software to take advantage of container features. There wasn’t yet a set of tools available to make containers easy for everyone to use.
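The following added example (not part of the original lesson) shows what "isolated process space" looks like at the kernel level: Linux exposes each process's namespaces as links under /proc/<pid>/ns, and a process is isolated from the host only for the namespace kinds whose IDs differ from the host's. The inode numbers and the HOST_INIT and CONTAINER_PROC dictionaries are constructed sample data, and the function names are hypothetical.

```python
import os
import re

# A namespace link target looks like "pid:[4026531836]" (kind, then namespace ID).
NS_LINK = re.compile(r"^[a-z_]+:\[(\d+)\]$")

def parse_ns_links(links):
    """Map each /proc/<pid>/ns entry name to its numeric namespace ID."""
    parsed = {}
    for name, target in links.items():
        m = NS_LINK.match(target)
        if m is None:
            raise ValueError(f"unexpected namespace link for {name}: {target!r}")
        parsed[name] = int(m.group(1))
    return parsed

def read_ns_links(pid):
    """Read the links on a live Linux host (other users' processes may need root)."""
    base = f"/proc/{pid}/ns"
    return {n: os.readlink(os.path.join(base, n)) for n in os.listdir(base)}

def compare_namespaces(host_links, proc_links):
    """Return (isolated, shared) namespace names for a process relative to the host."""
    host, proc = parse_ns_links(host_links), parse_ns_links(proc_links)
    isolated, shared = [], []
    for name in sorted(host.keys() & proc.keys()):
        (shared if host[name] == proc[name] else isolated).append(name)
    return isolated, shared

# Constructed sample: links as they might appear for PID 1 on the host ...
HOST_INIT = {
    "pid": "pid:[4026531836]", "mnt": "mnt:[4026531840]",
    "net": "net:[4026531992]", "uts": "uts:[4026531838]",
    "ipc": "ipc:[4026531839]", "user": "user:[4026531837]",
}
# ... and for a container process that still shares the host's network
# and user namespaces (weaker isolation than the other four kinds).
CONTAINER_PROC = {
    "pid": "pid:[4026532201]", "mnt": "mnt:[4026532199]",
    "net": "net:[4026531992]", "uts": "uts:[4026532200]",
    "ipc": "ipc:[4026532202]", "user": "user:[4026531837]",
}

if __name__ == "__main__":
    isolated, shared = compare_namespaces(HOST_INIT, CONTAINER_PROC)
    print("isolated from host:", isolated)
    print("shared with host:  ", shared)
```

On a live Linux host, passing read_ns_links(1) and read_ns_links(pid) to compare_namespaces gives the same report for a running process.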
